Title: [255918] releases/WebKitGTK/webkit-2.28/Source/WebCore
- Revision: 255918
- Author: [email protected]
- Date: 2020-02-06 07:09:27 -0800 (Thu, 06 Feb 2020)
Log Message
Merge r255824 - [GTK] Cannot perform most local loads with sandbox enabled
https://bugs.webkit.org/show_bug.cgi?id=202071
Patch by Michael Catanzaro <[email protected]> on 2020-02-05
Reviewed by Carlos Garcia Campos.
SecurityOrigin::canDisplay is improperly checking whether the target file URL points to a
file on the same "volume" (mount point) as the source file. That can't happen here because
this code is running in the web process, but only the network process has access to the
unsandboxed filesystem. This code can only check whether the target file exists within the
sandbox's mount namespace, but that's not what we want to do because we're not going to load
that file, we're going to ask the network process to load the file with the same path
outside the mount namespace.
We can probably live without this check. But if bringing it back is desired, it has to be
done someplace totally different, in network process code rather than web process code.
* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay const):
Diff
Modified: releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog (255917 => 255918)
--- releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog 2020-02-06 15:09:22 UTC (rev 255917)
+++ releases/WebKitGTK/webkit-2.28/Source/WebCore/ChangeLog 2020-02-06 15:09:27 UTC (rev 255918)
@@ -1,3 +1,24 @@
+2020-02-05 Michael Catanzaro <[email protected]>
+
+ [GTK] Cannot perform most local loads with sandbox enabled
+ https://bugs.webkit.org/show_bug.cgi?id=202071
+
+ Reviewed by Carlos Garcia Campos.
+
+ SecurityOrigin::canDisplay is improperly checking whether the target file URL points to a
+ file on the same "volume" (mount point) as the source file. That can't happen here because
+ this code is running in the web process, but only the network process has access to the
+ unsandboxed filesystem. This code can only check whether the target file exists within the
+ sandbox's mount namespace, but that's not what we want to do because we're not going to load
+ that file, we're going to ask the network process to load the file with the same path
+ outside the mount namespace.
+
+ We can probably live without this check. But if bringing it back is desired, it has to be
+ done someplace totally different, in network process code rather than web process code.
+
+ * page/SecurityOrigin.cpp:
+ (WebCore::SecurityOrigin::canDisplay const):
+
2020-02-05 Antoine Quint <[email protected]>
[Web Animations] Canceling an accelerated animation before it was committed does not prevent it from playing
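Review bot: The ChangeLog entry never says that the check is only compiled out for ENABLE(BUBBLEWRAP_SANDBOX) builds; "We can probably live without this check" reads as if it were removed everywhere. Suggest naming the build flag in the entry. Since the last paragraph says a replacement would belong in network process code, a reference to a follow-up bug would also keep the dropped same-volume restriction tracked.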
Modified: releases/WebKitGTK/webkit-2.28/Source/WebCore/page/SecurityOrigin.cpp (255917 => 255918)
--- releases/WebKitGTK/webkit-2.28/Source/WebCore/page/SecurityOrigin.cpp 2020-02-06 15:09:22 UTC (rev 255917)
+++ releases/WebKitGTK/webkit-2.28/Source/WebCore/page/SecurityOrigin.cpp 2020-02-06 15:09:27 UTC (rev 255918)
@@ -368,7 +368,7 @@
if (url.pathEnd() > maximumURLSize)
return false;
-#if !PLATFORM(IOS_FAMILY)
+#if !PLATFORM(IOS_FAMILY) && !ENABLE(BUBBLEWRAP_SANDBOX)
if (m_data.protocol == "file" && url.isLocalFile() && !FileSystem::filesHaveSameVolume(m_filePath, url.fileSystemPath()))
return false;
#endif
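Review bot: The widened guard on the `#if` line has no comment explaining why the filesHaveSameVolume comparison is skipped, so the next reader sees only an unexplained exclusion in front of a security check. Suggest a short comment above it stating that the web process can only see the sandbox's mount namespace and that the comparison would have to run in the network process. Also, ENABLE(BUBBLEWRAP_SANDBOX) is a compile-time condition: if a build with that flag can run with the sandbox turned off, file origins lose the same-volume restriction there as well, and it is worth confirming that this is intended.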